From c79f9144a6bac9b1dbdffcd6a02762a6adeabcfa Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 3 Oct 2020 20:30:14 +0200 Subject: smoketest: sstp: pppoe: use common RADIUS tests --- smoketest/scripts/cli/base_accel_ppp_test.py | 62 ++++++++++++++ smoketest/scripts/cli/test_service_pppoe-server.py | 99 ++++++---------------- smoketest/scripts/cli/test_vpn_sstp.py | 2 +- 3 files changed, 87 insertions(+), 76 deletions(-) (limited to 'smoketest/scripts/cli') diff --git a/smoketest/scripts/cli/base_accel_ppp_test.py b/smoketest/scripts/cli/base_accel_ppp_test.py index 5cf72b2dc..94834ad4c 100644 --- a/smoketest/scripts/cli/base_accel_ppp_test.py +++ b/smoketest/scripts/cli/base_accel_ppp_test.py @@ -100,6 +100,9 @@ class BasicAccelPPPTest: conf = ConfigParser(allow_no_value=True, delimiters='=') conf.read(self._config_file) + # check proper path to chap-secrets file + self.assertEqual(conf['chap-secrets']['chap-secrets'], self._chap_secrets) + # basic verification self.verify(conf) @@ -111,3 +114,62 @@ class BasicAccelPPPTest: # Check for running process self.assertTrue(process_named_running(self._process_name)) + + def test_authentication_radius(self): + """ Test configuration of RADIUS authentication for PPPoE server """ + self.basic_config() + + radius_server = '192.0.2.22' + radius_key = 'secretVyOS' + radius_port = '2000' + radius_port_acc = '3000' + + self.set(['authentication', 'mode', 'radius']) + self.set(['authentication', 'radius', 'server', radius_server, 'key', radius_key]) + self.set(['authentication', 'radius', 'server', radius_server, 'port', radius_port]) + self.set(['authentication', 'radius', 'server', radius_server, 'acct-port', radius_port_acc]) + + coa_server = '4.4.4.4' + coa_key = 'testCoA' + self.set(['authentication', 'radius', 'dynamic-author', 'server', coa_server]) + self.set(['authentication', 'radius', 'dynamic-author', 'key', coa_key]) + + nas_id = 'VyOS-PPPoE' + nas_ip = '7.7.7.7' + self.set(['authentication', 'radius', 'nas-identifier', nas_id]) + self.set(['authentication', 'radius', 'nas-ip-address', nas_ip]) + + source_address = '1.2.3.4' + self.set(['authentication', 'radius', 'source-address', source_address]) + + # commit changes + self.session.commit() + + # Validate configuration values + conf = ConfigParser(allow_no_value=True, delimiters='=') + conf.read(self._config_file) + + # basic verification + self.verify(conf) + + # check auth + self.assertTrue(conf['radius'].getboolean('verbose')) + self.assertEqual(conf['radius']['acct-timeout'], '3') + self.assertEqual(conf['radius']['timeout'], '3') + self.assertEqual(conf['radius']['max-try'], '3') + + self.assertEqual(conf['radius']['dae-server'], f'{coa_server}:1700,{coa_key}') + self.assertEqual(conf['radius']['nas-identifier'], nas_id) + self.assertEqual(conf['radius']['nas-ip-address'], nas_ip) + self.assertEqual(conf['radius']['bind'], source_address) + + server = conf['radius']['server'].split(',') + self.assertEqual(radius_server, server[0]) + self.assertEqual(radius_key, server[1]) + self.assertEqual(f'auth-port={radius_port}', server[2]) + self.assertEqual(f'acct-port={radius_port_acc}', server[3]) + self.assertEqual(f'req-limit=0', server[4]) + self.assertEqual(f'fail-time=0', server[5]) + + # Check for running process + self.assertTrue(process_named_running(self._process_name)) diff --git a/smoketest/scripts/cli/test_service_pppoe-server.py b/smoketest/scripts/cli/test_service_pppoe-server.py index 32439da5b..dea8d838e 100755 --- a/smoketest/scripts/cli/test_service_pppoe-server.py +++ b/smoketest/scripts/cli/test_service_pppoe-server.py @@ -78,13 +78,14 @@ class TestServicePPPoEServer(BasicAccelPPPTest.BaseTest): super().basic_config() - def test_foo(self): + def test_ppp_options(self): """ Test configuration of local authentication for PPPoE server """ self.basic_config() # other settings + mppe = 'require' self.set(['ppp-options', 'ccp']) - self.set(['ppp-options', 'mppe', 'require']) + self.set(['ppp-options', 'mppe', mppe]) self.set(['limits', 'connection-limit', '20/min']) # min-mtu @@ -105,12 +106,10 @@ class TestServicePPPoEServer(BasicAccelPPPTest.BaseTest): # basic verification self.verify(conf) - # check auth - self.assertEqual(conf['chap-secrets']['chap-secrets'], self._chap_secrets) self.assertEqual(conf['chap-secrets']['gw-ip-address'], gateway) # check ppp - self.assertEqual(conf['ppp']['mppe'], 'require') + self.assertEqual(conf['ppp']['mppe'], mppe) self.assertEqual(conf['ppp']['min-mtu'], min_mtu) self.assertEqual(conf['ppp']['mru'], mru) @@ -122,75 +121,6 @@ class TestServicePPPoEServer(BasicAccelPPPTest.BaseTest): # Check for running process self.assertTrue(process_named_running(self._process_name)) - def test_authentication_radius(self): - """ Test configuration of RADIUS authentication for PPPoE server """ - radius_server = '192.0.2.22' - radius_key = 'secretVyOS' - radius_port = '2000' - radius_port_acc = '3000' - radius_acct_interim_jitter = '9' - radius_called_sid = 'ifname:mac' - - self.basic_config() - - self.set(['authentication', 'mode', 'radius']) - self.set(['authentication', 'radius', 'server', radius_server, 'key', radius_key]) - self.set(['authentication', 'radius', 'server', radius_server, 'port', radius_port]) - self.set(['authentication', 'radius', 'server', radius_server, 'acct-port', radius_port_acc]) - self.set(['authentication', 'radius', 'acct-interim-jitter', radius_acct_interim_jitter]) - self.set(['authentication', 'radius', 'called-sid-format', radius_called_sid]) - - coa_server = '4.4.4.4' - coa_key = 'testCoA' - self.set(['authentication', 'radius', 'dynamic-author', 'server', coa_server]) - self.set(['authentication', 'radius', 'dynamic-author', 'key', coa_key]) - - nas_id = 'VyOS-PPPoE' - nas_ip = '7.7.7.7' - self.set(['authentication', 'radius', 'nas-identifier', nas_id]) - self.set(['authentication', 'radius', 'nas-ip-address', nas_ip]) - - source_address = '1.2.3.4' - self.set(['authentication', 'radius', 'source-address', source_address]) - - # commit changes - self.session.commit() - - # Validate configuration values - conf = ConfigParser(allow_no_value=True, delimiters='=') - conf.read(self._config_file) - - # basic verification - self.verify(conf) - - # check auth - self.assertTrue(conf['radius'].getboolean('verbose')) - self.assertEqual(conf['radius']['acct-timeout'], '3') - self.assertEqual(conf['radius']['timeout'], '3') - self.assertEqual(conf['radius']['max-try'], '3') - self.assertEqual(conf['radius']['gw-ip-address'], gateway) - self.assertEqual(conf['radius']['acct-interim-jitter'], radius_acct_interim_jitter) - self.assertEqual(conf['radius']['called-sid'], radius_called_sid) - self.assertEqual(conf['radius']['dae-server'], f'{coa_server}:1700,{coa_key}') - self.assertEqual(conf['radius']['nas-identifier'], nas_id) - self.assertEqual(conf['radius']['nas-ip-address'], nas_ip) - self.assertEqual(conf['radius']['bind'], source_address) - - server = conf['radius']['server'].split(',') - self.assertEqual(radius_server, server[0]) - self.assertEqual(radius_key, server[1]) - self.assertEqual(f'auth-port={radius_port}', server[2]) - self.assertEqual(f'acct-port={radius_port_acc}', server[3]) - self.assertEqual(f'req-limit=0', server[4]) - self.assertEqual(f'fail-time=0', server[5]) - - # check defaults - self.assertEqual(conf['ppp']['mppe'], 'prefer') - self.assertFalse(conf['ppp'].getboolean('ccp')) - - # Check for running process - self.assertTrue(process_named_running(self._process_name)) - def test_authentication_protocols(self): """ Test configuration of local authentication for PPPoE server """ self.basic_config() @@ -210,7 +140,6 @@ class TestServicePPPoEServer(BasicAccelPPPTest.BaseTest): # Check for running process self.assertTrue(process_named_running(self._process_name)) - def test_client_ip_pool(self): """ Test configuration of IPv6 client pools """ self.basic_config() @@ -282,5 +211,25 @@ class TestServicePPPoEServer(BasicAccelPPPTest.BaseTest): # Check for running process self.assertTrue(process_named_running(self._process_name)) + + def test_authentication_radius(self): + radius_called_sid = 'ifname:mac' + radius_acct_interim_jitter = '9' + + self.set(['authentication', 'radius', 'called-sid-format', radius_called_sid]) + self.set(['authentication', 'radius', 'acct-interim-jitter', radius_acct_interim_jitter]) + + # run common tests + super().test_authentication_radius() + + # Validate configuration values + conf = ConfigParser(allow_no_value=True, delimiters='=') + conf.read(self._config_file) + + # Validate configuration + self.assertEqual(conf['radius']['called-sid'], radius_called_sid) + self.assertEqual(conf['radius']['acct-interim-jitter'], radius_acct_interim_jitter) + + if __name__ == '__main__': unittest.main() diff --git a/smoketest/scripts/cli/test_vpn_sstp.py b/smoketest/scripts/cli/test_vpn_sstp.py index d129867cc..ca5b307dd 100755 --- a/smoketest/scripts/cli/test_vpn_sstp.py +++ b/smoketest/scripts/cli/test_vpn_sstp.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 020 VyOS maintainers and contributors +# Copyright (C) 2020 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as -- cgit v1.2.3